hierarchy associated with said principa l wherein said permissions are 
associated with said plurality of routines based on a first association between 
protection domains and permissions . 

: v 




(Twice Amended) [The method of Claim 1, wherein] A method for providing 



security, the method comprising the steps of: 
detecting when a request for an action is made by a principal; and 
in response to detecting the request, determining whether said action is authorized 
based on permissions associated with a plurality of routines in a calling 
hierarchy associated with said principal, wherein a first routine in said calling 
hierarchy is privileged; and 
wherein the step of determining whether said action is authorized further includes 
determining whether a permission required to perform said action is 
encompassed by at least one permission associated with each routine in said 
calling hierarchy between and including said first routine and a second routine 
in said calling hierarchy, wherein said second routine is invoked after said 
first routine, wherein said second routine is a routine for performing said 
requested action. 
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■ 1 ® jfi- (Twice Amended) A computer-readable medium carrying one or more sequences 
of one or more instructions, the one or more sequences of the one or more 
instructions including instructions which, when executed by one or more 
processors^ causes the one or more processors to perform the steps of: 
5 detecting when a request for an action is made by a principal; and 

in response to detecting the request, determining whether said action is authorized 
based on permissions associated with a plurality of routines in a calling 
hierarchy associated with said principal , wherein said permissions are 
associated with said plurality of routines based on a first association 
10 between protection domains and permissions . 

) 5 (Twice Amended) [The computer readable medium of Claim 1 1] A computer- 

readable medium carrying one or more sequences of one or more instructions, the 
one or more sequences of the one or more instructions including instructions 
which, when executed by one or more processors, causes the one or more 
5 processors to perform the steps of: 



detecting when a request for an action is made by a principal: and 
in response to detecting the request, determining whether said action is authorized 
based on permissions associated with a plurality of routines in a calling 
hierarchy associated with said principal , wherein [:] a first routine in said 
10 calling hierarchy is privileged; and 

wherein the step of determining whether said action is authorized further includes 
determining whether a permission required to perform said action is 
encompassed by at least one permission associated with each routine in 



WDC99 3J64J7-J.050435.00J8 



08/988,431 





said calling hierarchy between and including said first routine and a 
15 second routine in said calling hierarchy, wherein said second routine is 

invoked after said first routine, wherein said second routine is a routine for 
performing said requested action. 

yi . (Twice Amended) A computer system comprising: 
a processor; 

a memory coupled to said processor; 

said processor being configured to detect when a request for an action is made by 
5 a principal; and 

said processor being configured to respond to detecting the request by 

determining whether said action is authorized based on permissions 
associated with a plurality of routines in a calling hierarchy associated 
with said principal, wherein said permissions are associated with said 
10 plurality of routines based on a first association between protection 

domains and permissions . 



REMARKS 

The indication of allowable subject matter in claims 4, 5, 7-10, 14, 15 and 17-20 
is noted with appreciation. Claims 1-3, 6, 11-13, 16 and 21-23 stand rejected under 35 
U.S.C. § 102(e) as being anticipated by Roskind (US 5,987,608). Claims 4, 7-10, 14 and 
17-20 are objected to as being dependent upon a rejected base claim. As a preliminary 
matter, receipt of the Notice of Draftsperson's Patent Drawing Review is acknowledged. 
Applicant recognizes that the present drawings are acceptable for examination purposes 
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